Automated Teller Machines (ATM) are in general believed to be relatively secure devices since they handle consumer financial transactions. However, ATMs are susceptible to malware, viruses, and eavesdropping just like any other device having memory and processor capabilities.
Modern ATMs often include peripheral ports or wireless technologies (such as WiFi, Bluetooth®, etc.) which may permit peripheral or device pairing with the ATMs. Generally, the wireless technologies are secured through encryption keys. The peripheral ports may be hidden out of typical sight but service engineers know here the ports are at and how to access them and some ingenious hackers may know how to gain access to the ports.
One particular peripheral that may be beneficial to connect to an ATM for legitimate reasons and/or malicious reasons is a keyboard. With a keyboard a service engineer can use keys or key sequences to access resources or run programs on the ATM, which may be unavailable via a typical touchscreen of existing limited encrypted PINPAD.
However, because keys and key sequences can bypass some security checks and directly access resources that can be detrimental to the security of the ATM. Some ATM security systems will block all users from certain keys or key sequences through the operating system's (OS's) registry. However, this approach is too rigid since an authorized user of the ATM may have a legitimate need to access the blocked keys or key sequences).
Therefore there is a need for improved finer-grain security associated with keys and key sequences of peripheral keyboards attached to a host machine.